Huge Health Data Heist in Singapore

The personal data of roughly 1.5 million patients has recently been stolen from healthcare services provider SingHealth, and around 160,000 of those impacted also had details of their outpatient prescriptions pinched.

This is said to be the largest cyber attack on the Asian city state, which has been pressing full steam ahead with digitalization in its bid to become a “Smart Nation”. For now, however, SingHealth and two other providers of healthcare services have had to respond by disconnecting all workstation computers from the internet by way of precaution. Various e-health projects have, moreover, been suspended for the time being, until the full story behind the SingHealth hack has been cleared up and additional security checks have successfully been passed.

The attack on SingHealth was carried out so professionally that the government is now assuming that the attacks were state sponsored according to a press statement. Among other things, the statement goes on to say, the attackers repeatedly targeted their efforts on attaining the health details and prescription of medication of Prime Minister Lee Hsien Loong, who has already survived two cases of cancer.

The data thieves gained access to SingHealth’s network through a carefully selected “front-end workstation”. From there, they managed to get hold of log-in details with a high degree of access rights for the patient database. Whether the malware was sneaked onto the workstation by means of email or some other vector of attack requiring physical access is as yet unknown.

More than 700,000 of those affected, for whom SingHealth has mobile phone numbers, were informed of the data theft without delay by means of SMS (there were also a few misdirected messages). Clients were also given the opportunity to check for themselves via an app and a website set up by the company itself, whether and to which extent they were affected by the data heist.

“As Singapore embraces the digital revolution, security breaches are bound to happen. Our growing digital footprint is growing every day, and enterprises need to take strict measures to safeguard and protect their data,” local website Rappler quotes Shahnawaz Backer, a local security specialist with F5 Networks, as saying in a report from the French news agency AFP.

Eric Hoh of FireEye took the same line in a statement given to CNN. “Many businesses and governments in Southeast Asia face cyber threats, but few recognize the scale of the risks they pose.” It is crucial that companies and authorities work together to ensure their mutual security, so that in case of an attack the consequences can be kept as minor as possible. Singapore is a cyber security leader, Hoh goes on to say. “We would like to see more governments follow their lead in disclosing breaches”, he wrote in a statement.

Latest posts

Always up to date

Retarus' NewsHub Update regularly informs you about new services, messaging challenges and their solutions, as well as business trends and the resulting technological developments ... Sign up now!

Archive

Archive

About Retarus

Retarus’ vision is to create the perfect network for the global economy. Therein, Retarus manages the safe and efficient flow of information for enterprises around the world.Read more ...

Be part of something big.

A Global Delivery Network that facilitates flawless information logistics for top international customers. That's a big job. And one that excites hundreds of Retarus employees worldwide. Would you like to be one of them? Find out more and apply now!

Always up to date

Retarus' NewsHub Update regularly informs you about new services, messaging challenges and their solutions, as well as business trends and the resulting technological developments ... Sign up now!